TY - JOUR
T1 - GeoFINDR
T2 - Practical approach to verify cloud instances geolocation in multicloud
AU - Ider, Saïd
AU - Laurent, Maryline
N1 - Publisher Copyright:
© 2025 The Author(s)
PY - 2026/2/1
Y1 - 2026/2/1
AB - In multicloud environments, where legal obligations, technical constraints and economic interests are at stake, it is of interest for stakeholders to be able to locate cloud data or the cloud instance where data are decrypted for processing. This paper proposes an original and practical delay-based approach, called GeoFINDR, to locate a cloud instance, e.g. a Virtual Machine (VM), over the Internet, based on RIPE Atlas landmarks. First, the assumed threat model and assumptions are more modern than in existing solutions, e.g. VM-scale localization in multicloud environments and a Cloud Service Provider (CSP) lying about the location of the VM. Second, the originality of the approach lies in four ideas: (1) geolocation is performed from the VM, (2) a greedy algorithm selects a first set LMA of distributed audit landmarks in the vicinity of the declared area, (3) a sectorization algorithm identifies a set LMS of other landmarks with distance-delay behavior similar to that of the VM to estimate the sector of the VM, and (4) the estimated location of the VM is calculated as the barycentre position of the LMS landmarks. An open-source tool is published on GitHub and experiments show that the localization accuracy can be as high as 22.1 km, under adverse conditions, where the CSP lies about the location of the VM.
KW - Delay-based geolocation
KW - Dishonest cloud service providers
KW - GeoFINDR
KW - Multicloud
KW - RIPE Atlas
KW - VM-Scale localization
UR - https://www.scopus.com/pages/publications/105023956658
U2 - 10.1016/j.comnet.2025.111862
DO - 10.1016/j.comnet.2025.111862
M3 - Article
AN - SCOPUS:105023956658
SN - 1389-1286
VL - 275
JO - Computer Networks
JF - Computer Networks
M1 - 111862
ER -